Feeds

Baidu sues registrar over DNS records hack

Legal salvo lands in New York

Website security in corporate America

Baidu has filed suit against its US-based domain registrar after a recent DNS records hack that redirected surfers towards a defaced page, instead of the Chinese search engine.

The traffic hijack attack resulted from "gross negligence" on the part of domain registrars Register.com (no relation), a lawsuit filed by Baidu in New York alleges.

As a result of the 12 January hack, surfers hoping to reach Baidu.com were redirected to a site run by the Iranian Cyber Army. The search engine's Chinese site (Baidu.com.cn) was unaffected by the cyber-assault.

Baidu said the redirection attack affected its traffic for hours before its records were put straight. The search engine site declined to detail its losses or specify how much it was seeking in damages from Register.com, Chinese news agency Xinhua reports.

The legal move follows two days after Baidu announced that its CTO Yinan Li was leaving the firm for unspecified "personal reasons", via a minimalist statement that did nothing to quell speculation he'd been shown the door in the wake of last week's DNS hijack attack.

Baidu controls an estimated 62 per cent of the Chinese search market recently placed in flux by Google's threat to quit the country, in the wake of unrelated cyber-espionage attacks traced back to China.

The Iranian Cyber Army group responsible for the Baidu attack carried out a similar DNS hijack attack against Twitter last month, protesting Western cyber activism in the wake of disputed Iranian elections last year. ®

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.